Category

Scan Summary Report into Jenkins

I am currently running scans using burp enterprise from Jenkins. The scan completes and a report is available on burp enterprise server. But how do I get this report to be displayed in Jenkins?

Rose, PortSwigger Agent |
Last updated: May 29, 2019 07:07AM UTC

Thanks for your message.
This is not currently possible, but we've created a story in our development backlog and added your interest in this feature. We can't give you an ETA on this, but we will update you when it's available.
Please let us know if you need any further assistance.

Rose, PortSwigger Agent |
Last updated: May 29, 2019 08:17AM UTC

The report is generated when you select "Download Report".
You need to select the scan that you are interested in and there should be a green button entitled "Download Report". If you click this, you'll get a modal dialog. When you click on "Download" it should just download into your Downloads folder (provided you haven't configured a different location for downloads – then it will go straight into the alternatively configured directory for downloads, where you would normally find them).
Let me know if you need any further help.

Burp User |
Last updated: May 30, 2019 09:22AM UTC

Is this HTML report stored somewhere on the Burp Enterprise server, so that I can get a copy of it?

Liam, PortSwigger Agent |
Last updated: Jul 11, 2019 12:54PM UTC

The scan report should be downloaded in HTML format. Which version of Burp Enterprise are you running?

Burp User |
Last updated: Oct 03, 2019 08:40AM UTC

Any update on this feature? it's returning the JSON report but we would like to have the HTML view and will attached in mail after the job in ran in Jenkins?

Burp User |
Last updated: Oct 21, 2019 08:43AM UTC

No I mean via Jenkins, I can just pull json from API but is there a way I can publish the reports in Jenkins or attached in the email?

Ben, PortSwigger Agent |
Last updated: Oct 21, 2019 09:44AM UTC

Hi,
Can you clarify your query. Are you asking whether you can generate the report through the REST API?

Burp User |
Last updated: Oct 22, 2019 01:47AM UTC

Hi,
Currently I create a pipeline in Jenkins that will run burpsuite enterprise via REST API, I just like to know if there is a way I can pull the reports and publish it also in Jenkins or as attachment?

Ben, PortSwigger Agent |
Last updated: Oct 22, 2019 07:50AM UTC

Hi,
Unfortunately, there is no mechanism to generate an HTML report through the REST API so you would not be able to automatically pull the reports into Jenkins.
The full HTML reports can only be generated via the Burp Enterprise GUI.

alok |
Last updated: Apr 17, 2020 08:20AM UTC

Can we generate the Burp Scan HTML report in Jenkins now?

alok |
Last updated: Apr 17, 2020 08:20AM UTC

In Burp Enterprise.

Uthman, PortSwigger Agent |
Last updated: Apr 17, 2020 08:42AM UTC

Hi Alok,
Unfortunately, it is still not possible to generate reports from within Jenkins/using the API. In the next release, we will be releasing a new API that will make this possible. I will notify this thread when the release is out.

Mridul |
Last updated: May 06, 2020 01:47PM UTC

Hello team,
First up, many congratulations on coming out with this great product, i.e Burp Enterprise. I have been evaluating it for a few weeks now and it works great.
I am currently trying to configure my email in Burp Enterprise to try and be able to mail the scan reports to a certain set of people. But I keep getting an error that says "Unable to send test mail. Please check the email and proxy settings". Now I have made the following configurations in the Network tab:
==>Web server URL - http://127.0.0.1:8080 (since I am currently testing on my PC. Tried the URL without port no. as well)
==>Web server port - 8080
==>Use TLS - No
==>HTTP Proxy server - Disabled (I have not configured a proxy since its my personal computer and there's no restriction on accessing any website. I hope that's okay.) If this needs to be configured, what goes in the hostname and the port number?
In the email tab, I have configured the following:
==>SMTP server - smtp.gmail.com
==>Port - 465 (also tried with 25 and 587)
==>From address - a Gmail ID
==>Authenticated - Yes
==>Username - Username of the said Gmail account (can we also use any random Username or has it got to be the one configured with the Gmail account?)
==>Password - Gmail generated app password (since two factor is enabled in the said Gmail account)
==>Enable TLS - No
Request you to guide me where am I going wrong? I am unable to send the Test mail.
Thank you,
Mridul

Uthman, PortSwigger Agent |
Last updated: May 06, 2020 03:02PM UTC

Hi Mridul,
Glad you are enjoying Enterprise!
Can you confirm whether or not you have tried the steps listed here? https://portswigger.net/burp/documentation/enterprise/getting-started/initial-configuration/config-email
Have you tried enabling TLS when sending the test email too? Can you change the port back to 587 and enable TLS?
If you still face issues, please reproduce the error and send the latest log files to support@portswigger.net. You can find these at /var/log/BurpSuiteEnterpriseEdition on Mac/Linux or C:\ProgramData\BurpSuiteEnterpriseEdition on Windows.

Mridul |
Last updated: May 09, 2020 01:16PM UTC

Hello Uthman,
Thank you very much for your support. 'Have you tried enabling TLS when sending the test email too? Can you change the port back to 587 and enable TLS?' this advice worked. Thank you very much.